Canada has a new cybersecurity strategy – does it impact you?

A recent government survey showed that although 94% of Canadian business collect personal data from their customers, they still have a long way to go to in protecting it, with three quarters of the business executives and owners having never reviewed their responsibilities and one third not having taken any steps at all.

Public Safety Minister Ralph Goodale has announced a new cybersecurity strategy to “detect, deter, investigate and prosecute” cyber crime. The plan has funding of $500 million over the next decade to achieve three main goals:

Secure and resilient Canadian systems to protect personal information of Canadian citizens.

An innovative and adaptive cyber ecosystem to improve cybersecurity awareness and availability of trained cyber security resources to help businesses improve their security and respond to cyber threats.

Effective leadership and collaboration, including guidance from the Government of Canada on cyber security standards and legislation, as well as information sharing. The federal government will work in consultation with a cross-section of Canadian stakeholders to collectively enhance cyber security in Canada.

The question is, how will businesses, especially the small business at highest risk, be helped by this plan without more specific guidance and dedicated funding to help Canada’s cybersecurity industry grow? Our answer is to look to your neighbors in the U.S. and the example of how our National Institute of Standards & Technology Cyber Security Framework has been a valuable tool for businesses who want guidance in how to develop an ongoing cybersecurity program that starts with identifying risk, verifying protection, detecting possible threats, providing a quick response, and learning from incidents to avoid similar attacks.

Foresite has helped many businesses with identifying areas of cyber risk and establish ongoing controls and testing to mitigate them. This case study is just one example as to how this can be done. Contact us to see how we can help your Canadian or US-based business be protected.